cxs

New csf v5.48

Changes:
– New option LF_QOS added which matches hits against the mod_qos Apache module
– New option LF_CXS added which matches hits against the mod_security Apache module rule for cxs if implemented

New cxs v2.51

Changes:
– Improved temporary file cleanup
– Change cxs UI to use /sbin/pidof to determine if the Watch daemon is stopped, starting or running. If /sbin/pidof does not exist, no status is shown
– Modification to prevent scan failure if FTP is down and –options [P] used
– Exploit fingerprint definitions database additions

New cxs v2.50

Changes:
– Improvements to the Fingerprint Matching system
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New cxs v2.49

Changes:
– Use temporary files when performing a virus scan during –decode ([D])
– Change all clamd STREAM to SCAN scanning
– Use a robust routine for creating random temporary files during –options [Z] (scanning within archives)
– Exploit fingerprint definitions database additions

New cxs v2.48

Changes:
– Allow a value of 0 for –Wrefresh which disables the functionality in the cxs Watch daemon
– Added new advanced PHP decoder for –decode ([D])
– Stop cxs Watch from following symlinks
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New cxs v2.47

Changes:

– Added new advanced PHP decoders for –decode ([D])
– Change main cxs Watch process name during startup while still starting
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

New cxs v2.46

Changes:

  • Added two new advanced PHP decoders for –decode ([D])
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.45

Changes:

  • Modification to quarantine to ensure unique filenames
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.44

Changes:

  • Added new –ignore [file] option pscript: – regex of web script to ignore
  • Set –options [P] ftp timeout to 10 seconds
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.43 (security fix)

SECURITY FIX. Anyone running cxs on a DirectAdmin server should upgrade to this release immediately:Changes:

  • Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This issue is apparent on DirectAdmin servers only where this C wrapper is used.Note: cxs is not currently officially support on anything other than cPanel servers